Someone seems to have hacked the USDA website to share pirated movies

0

Something on the United States Department of Agriculture (USDA) website has gone wrong.

Although the Federal Department is generally known for handling agriculture and food safety policy, it appears to have dipped its toes into a new area: pirated movies.

A large cache of recently publicly available PDFs began appearing on USDA.gov that links to pirated media including movies, TV shows, sporting events, and video games, in what appears to be either a hack, an inside job, or some kind of weird glitch .

Check out these links, archived at USDA.gov, for illegal streams of “Spider-Man: No Coming Home,The Matrix Resurrections“, or the new “movie “Ghostbusters”. Or maybe you want to attend a hacked sporting event like a football match between Liverpool and Arsenal, or one UFC fight. Other PDFs offer links to what are clearly scams buy instagram followers Where Robux for the Roblox video game.

“What’s surprising is how widespread it is,” Richard Forno, deputy director of the University of Maryland, Baltimore County Center for Cybersecurity, told Futurism of the apparent breach. “How was this not noticed?”

The PDF files appeared specifically on a subdomain of USDA.gov dedicated to SNAP-Ed, a program aimed at educating people receiving food assistance on shopping and preparing healthy meals. The PDFs, which contain spammy links to pirated media on third-party websites as well as garbled text, were sandwiched between healthy subdomain pages on topics such as homemade holiday meals and onions.

After Futurism contacted the USDA, the entire SNAP-Ed subdomain disappeared from the department’s site, replaced by a landing page decked out in text lorem ipsum.

“The USDA takes security – both in online and physical spaces – very seriously,” a USDA spokesperson told Futurism. “We are working with our cybersecurity teams to investigate the issue and will resolve it as quickly as possible.”

Jake Moore, global cybersecurity advisor for internet security firm ESET, said he believed the apparent intrusion was likely an effort by a hacker to boost the SEO rankings of streaming sites by relying on a government domain. SEO analytics firm Ahrefs estimates that USDA.gov has an ironclad domain authority of 92, making all the outbound links it hosts a prize for SEO agents.

In recent years, Google has amended its algorithm fight against piracy and voluntarily withdrawn countless hacking sites. This means that the people behind these sites had to get more creative in order to boost their ranking with the search engine – and this could be one of their tactics.

“Google doesn’t like to optimize pirated material,” Moore told Futurism. “However, you can still find it in some form or another in their search results. It’s not waterproof. So a bad actor could just get access to those PDFs on a government website and include those links. , which will push the sites up the rankings.

Moore added that hackers could take a two-pronged approach. Not only does the tactic help increase their websites in search engines, but it could also be used to market their hacking skills to potential clients seeking access to government servers.

“If someone is trying to sell their credentials on this government site, they might want to show proof that they entered it,” Moore explained. “With these PDFs, it’s very easy to add pirated material that the government would never publicize. This therefore proves that the hackers were able to access these files.

“They are also able to show real links to dark web marketplaces,” he said. “This informs a buyer that they have access to potentially more dangerous attacks on the site.”

Perhaps most disconcerting, however, is the fact that this breach has seemingly flown under the radar of federal government cybersecurity expertise. Forno told Futurism that the hack should have triggered “sensors somewhere.”

As for the question of how exactly bad actors got into the USDA’s systems, Moore thinks it’s likely the result of a phishing campaign. Alternatively, he said, someone with access to the department’s website could also have willingly given or sold their login credentials to hackers.

However, Forno and Moore said they would not rule out the possibility that the attack came from a belligerent nation-state carrying out a coordinated cyberattack. In 2020, many US departments fell victim to the SolarWinds cyberattack, which resulted in the email and credentials of senior government officials being breached. Although such an attack is highly unlikely in this case – not least because state-sanctioned hackers would likely do something sneakier than improve the SEO scores of streaming sites – it’s always a possibility.

Interestingly, some members of the Black Hat SEO community have publicly discussed how to inject PDFs into government websites, including the USDA specifically, with instructions that led to a login portal that the USDA took offline shortly after the SNAP-Ed subdomain.

It also appears that the same attackers, or others using a similar trick, have successfully placed PDF files on other government sites. The Bureau of Indian Affairs, for example, appears to have previously hosted similar files, although they were deleted before Futurism discovered the phenomenon and only cached versions remain.

No matter who is behind the apparent intrusion, this should worry both the US government and the public. More … than 41 million Americans rely on SNAP benefits to buy food every day. While this hack is somewhat mundane, it indicates that the very website these Americans rely on to feed themselves and their families could be vulnerable to bad actors seeking access to their personal information.

It also raises the grim possibility that someone who has gained improper access to a .gov domain could download a PDF with explosive ramifications, containing misinformation, or designed to sow national or international discord.

“What else could be compromised on this server?” Forno asked. “Is user data protected? Is this part of a larger security issue for this network? This absolutely raises questions.

Additional reporting by Jon Christian.

Learn more about cybersecurity: A National Cybersecurity Council has just lost 8 of its 28 members

Would you like to support the adoption of clean energy? Find out how much money (and the planet!) you could save by switching to solar power at UnderstandSolar.com. By registering via this link, Futurism.com may receive a small commission.

Share.

About Author

Comments are closed.